Define whaling in the context of phishing attacks.

Whaling refers specifically to a type of phishing attack that is highly targeted, focusing on high-profile individuals such as executives, senior managers, and other key decision-makers within an organization. This approach is deliberate, as attackers often gather detailed information about their targets to craft convincing messages that can easily deceive them. The goal is typically to acquire sensitive information, financial data, or unauthorized access to company systems.

This type of attack differs significantly from other forms of phishing. For instance, mass attacks involve sending generic emails to large groups with the hope that a few individuals will respond. Likewise, generic spam campaigns don’t target individuals based on their status within an organization but rather aim for high volumes to achieve some success. Phishing involving fake websites focuses more on luring victims into providing credentials on lookalike sites without necessarily being personalized or targeted at high-profile individuals.

In essence, the distinctive feature of whaling is its focused nature on influential individuals, making it a dangerous variant of phishing that can have serious consequences for organizations if successful.